Sa9000p Firmware Security Vulnerabilities and Issues — Sa9000p Firmware CVE List

A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.2CVSS5.7AI score0.00047EPSS

CVE•added 2024/12/02 11:15 a.m.•57 views

CVE-2024-33036

Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access.

6.7CVSS6.6AI score0.00015EPSS

CVE•added 2023/06/06 8:15 a.m.•54 views

CVE-2022-40533

Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request.

6.2CVSS5.7AI score0.00044EPSS

CVE•added 2022/09/02 12:15 p.m.•53 views

CVE-2022-22101

Denial of service in multimedia due to uncontrolled resource consumption while parsing an incoming HAB message in Snapdragon Auto

6.2CVSS5.6AI score0.0006EPSS

CVE•added 2023/01/09 8:15 a.m.•53 views

CVE-2022-40518

Information disclosure due to buffer overread in Core

6.8CVSS5.7AI score0.00047EPSS

CVE•added 2024/06/03 10:15 a.m.•52 views

CVE-2024-21478

transient DOS when setting up a fence callback to free a KGSL memory entry object during DMA.

6.2CVSS6.3AI score0.00074EPSS

CVE•added 2023/12/05 3:15 a.m.•50 views

CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.

6.5CVSS6.1AI score0.00039EPSS

CVE•added 2023/01/09 8:15 a.m.•48 views

CVE-2022-40519

Information disclosure due to buffer overread in Core

6.8CVSS5.7AI score0.00047EPSS

CVE•added 2024/05/06 3:15 p.m.•43 views

CVE-2023-43528

Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.

6.1CVSS6.6AI score0.00041EPSS

CVE•added 2025/01/06 11:15 a.m.•43 views

CVE-2024-33067

Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.

6.1CVSS6.3AI score0.00019EPSS

CVE•added 2025/02/03 5:15 p.m.•42 views

CVE-2024-38417

Information disclosure while processing IO control commands.

6.1CVSS6.3AI score0.00019EPSS

CVE•added 2025/02/03 5:15 p.m.•39 views

CVE-2024-38414

Information disclosure while processing information on firmware image during core initialization.

6.1CVSS6.2AI score0.00019EPSS

CVE•added 2024/10/07 1:15 p.m.•38 views

CVE-2024-23378

Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playback and record.

6.7CVSS6.8AI score0.00028EPSS

CVE•added 2024/10/07 1:15 p.m.•38 views

CVE-2024-23379

Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario.

6.7CVSS6.8AI score0.00028EPSS

CVE•added 2024/12/02 11:15 a.m.•37 views

CVE-2024-33037

Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.

6.1CVSS6.2AI score0.0002EPSS

CVE•added 2024/12/02 11:15 a.m.•36 views

CVE-2024-33053

Memory corruption when multiple threads try to unregister the CVP buffer at the same time.

6.7CVSS6.8AI score0.00023EPSS

CVE•added 2025/03/03 11:15 a.m.•35 views

CVE-2024-43056

Transient DOS during hypervisor virtual I/O operation in a virtual machine.

6.5CVSS7.1AI score0.00021EPSS

CVE•added 2024/11/04 10:15 a.m.•31 views

CVE-2024-33032

Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it.